<?php

if(!defined('IN_AACMS') || !defined('IN_ADMINCP')) {
	exit('Access Denied');
}
	
if(submitcheck('optionsubmit')) {
		
	if($ids = dimplode($_POST['delete'])) {	
		DB::delete('admincp_menu', "id IN ($ids)");
	}
		
	if(is_array($_POST['title'])) {
		foreach($_POST['title'] as $id => $val) {
			DB::update('admincp_menu', array(
				'title' =>	$_POST['title'][$id],
				'displayorder' => $_POST['displayorder'][$id],
				'url' => $_POST['url'][$id]
			), "id='$id'");
		}
	}
		
	if(is_array($_POST['newtitle'])) {
		foreach($_POST['newtitle'] as $key => $value) {
			if($title = trim($value)) {
				if(DB::getOne("SELECT id FROM ".DB::table('admincp_menu')." WHERE title='$title'")) {
					cpmsg('custommenu_duplicate', '', 'error');
				}
				DB::insert('admincp_menu', array(
					'title' => $_POST['newtitle'][$id],
					'displayorder' => $_POST['newdisplayorder'][$id],
					'url' => $_POST['newurl'][$id]
				));
			}
		}
	}

	cpmsg('custommenu_succeed', 'action=misc&operation=custommenu', 'succeed');
}
	
if($operation == 'custommenu') {
		
	$optionlist = '';
	$query = DB::query("SELECT * FROM ".DB::table('admincp_menu')." ORDER BY displayorder");
	while($custom = DB::fetch($query)) {
		$custom['url'] = rawurldecode($custom['url']);
			$optionlist .= showtablerow('', array('class="td25"', 'class="td28"', '', 'class="td26"'), array(
			"<input type=\"checkbox\" class=\"checkbox\" name=\"delete[]\" value=\"$custom[id]\">",
			"<input type=\"text\" class=\"txt\" size=\"3\" name=\"displayorder[$custom[id]]\" value=\"$custom[displayorder]\">",
			"<input type=\"text\" class=\"txt\" size=\"25\" name=\"title[$custom[id]]\" value=\"".cplang($custom['title'])."\">",
			"<input type=\"text\" class=\"txt\" size=\"40\" name=\"url[$custom[id]]\" value=\"$custom[url]\">"
		), TRUE);
	}
		
	include template('misc_custommenu', 'admin');
		
} elseif($operation == 'custommenu_add') {
		
	if($_GET['title'] && $_GET['url']) {
			
		$title = urldecode($_GET['title']);
		$url = urldecode($_GET['url']);
			
		if(DB::getOne("SELECT id FROM ".DB::table('admincp_menu')." WHERE title='$title'")) {
			cpmsg('custommenu_duplicate', '', 'error');
		}
		DB::insert('admincp_menu', array(
			'title' => $title,
			'displayorder' => 0,
			'url' => $url
		));
			
		cpmsg('custommenu_add_succeed', '', 'succeed');
			
	} else {
		cpmsg('parameters_error', '', 'error');
	}
} elseif($operation == 'article_export') {
	
	$aid = intval($_GET['aid']);
	
	$article = DB::getRow("SELECT * FROM ".DB::table('article')." WHERE aid='$aid'");
	if(!$article) {
		$article = DB::getRow("SELECT * FROM ".DB::table('article_trash')." WHERE aid='$aid'");
	}
		
	header('Content-type: application/msword');
	header('Content-Disposition: attachment; filename="'.$article['title'].'.doc"');
	
	echo '<html xmlns:o="urn:schemas-microsoft-com:office:office"  xmlns:w="urn:schemas-microsoft-com:office:word"  xmlns="http://www.w3.org/TR/REC-html40">'; 
	echo '<h2 align="center" style="margin-bottom:50px;">',$article['title'],'</h2><div style="line-height:25px;">',$article['content'],'</div>';
	echo '</html>';
}

?>